On Wed, Aug 20, 2025 at 2:44 PM Daniel P. Berrangé <berra...@redhat.com> wrote: > > The qemu-secur...@nongnu.org list is considered the authoritative > contact for reporting QEMU security issues. Remove the Red Hat > security team address in favour of QEMU's list, to ensure that > upstream gets first contact. There is a representative of the > Red Hat security team as a member of qemu-secur...@nongnu.org > whom requests CVE assignments on behalf of QEMU when needed. > > Signed-off-by: Daniel P. Berrangé <berra...@redhat.com> > --- > MAINTAINERS | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/MAINTAINERS b/MAINTAINERS > index a07086ed76..3edfb25d5a 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -85,7 +85,7 @@ Responsible Disclosure, Reporting Security Issues > ------------------------------------------------- > W: https://wiki.qemu.org/SecurityProcess > M: Michael S. Tsirkin <m...@redhat.com> > -L: secal...@redhat.com > +L: qemu-secur...@nongnu.org > > Trivial patches > --------------- > -- > 2.50.1 >
Reviewed-by: Mauro Matteo Cascella <mcasc...@redhat.com> Thanks, -- Mauro Matteo Cascella Red Hat Product Security PGP-Key ID: BB3410B0
